← Back to home
ICSA-20-338-01  ·  Published 2020-12-03  ·  View on CISA ICS-CERT ↗

National Instruments CompactRIO

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to reboot the device remotely.

CVEs (1)

Remediations

  • 1. Download the NI CompactRIO 20.5 Driver.
  • 2. Install the driver on host computer.
  • 3. Update the firmware on CompactRIO controllers to v8.5 or higher. Refer to Upgrading Firmware on my NI Linux Real-Time Device for directions on how to update the firmware on current controllers. Updating the firmware patches the Safe Mode where defaults are loaded.
  • 4. Format the target to apply the new safemode default permissions. Refer to How to Restore LabVIEW RT Target to Factory Default Configuration for directions on how to format and reinstall software on target.
  • 5. Repeat Steps 3 and 4 for each affected CompactRIO target.

Affected Vendors

National Instruments Corp. (NI)

Affected Products (1)

National Instruments Corp. (NI) · CompactRIO Driver < 20.5

Affected Sectors

Critical Manufacturing

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more